A Patch for Postel´s Robustness Principle

Jon Postel\´s Robustness Principle- "Be conservative in what you do, and liberal in what you accept from others"- played a fundamental role in how Internet protocols were designed and implemented. Its influence went far beyond direct application by Internet Engineering Task Force (IETF) designers, as generations of programmers learned from examples of the protocols and server implementations it had shaped. However, it is argued that its misinterpretations were also responsible for the proliferation of Internet insecurity. In particular, several mistakes in interpreting Postel\´s principle lead to the opposite of robustness-unmanageable insecurity. These misinterpretations, although frequent, are subtle, and recognizing them requires closely examining fundamental concepts of computation and exploitation (or equivalent intuitions). The paper intends neither an attack on the principle nor its deconstruction, any more than a patch on a useful program intends to slight the program. It presents a view of protocol design that helps avoid these mis takes and to "patch" the principle\´s common formulation to remove the potential weakness that these mistakes represent.